๐ŸŽ New User? Get 20% off your first purchase with code NEWUSER20 ยท โšก Instant download ยท ๐Ÿ”’ Secure checkout Register Now โ†’
Menu

Categories

Security Intermediate

What is RBAC (Role-Based Access Control)?

An access control model where permissions are assigned to roles, and users are assigned to roles rather than getting permissions directly.

RBAC simplifies permission management. Instead of assigning 50 permissions to each of 100 users, you create roles (Admin, Editor, Viewer) with appropriate permissions and assign users to roles. Changing a role updates all users with that role.

RBAC supports role hierarchies (Admin inherits Editor permissions), separation of duties (no single role has all power), and audit compliance. Most applications implement RBAC: database systems, cloud platforms (AWS IAM roles), and web frameworks.

Related Terms

Security Audit
A systematic examination of an information system to assess compliance with security policies, identify vulnerabilities, and verify controls.
Zero Trust
A security model that requires strict identity verification for every user and device, regardless of their network location.
JWT (JSON Web Token)
A compact, self-contained token format used for securely transmitting information between parties as a JSON object.
PKI (Public Key Infrastructure)
A framework of policies, hardware, and software for creating, managing, distributing, and revoking digital certificates.
SAST (Static Application Security Testing)
Automated analysis of source code to find security vulnerabilities without executing the application.
Encryption
The process of converting readable data into an unreadable format using algorithms, reversible only with the correct key.
View All Security Terms โ†’